Biometric authentication is a personal authentication technique using human physical characteristics and behavioral characteristics. Examples of the human physical characteristics include fingerprint, vein, iris, and DNA. Examples of the behavioral characteristics include handwriting and the like. In the biometric authentication, the authentication is performed by collecting biometric information called a template in advance and comparing the biometric information with information acquired by a sensor when matching is performed.
In recent years, attention is given to a biometric authentication technique in which a somewhat converted template is stored in a database and comparison is performed without restoring the original template when matching is performed. The biometric authentication technique is referred to as a “biometric template protection”. In a system using the biometric template protection, even when a converted template is leaked, the leaked template is made unusable by changing a conversion method, so that it is possible to prevent the leaked template from being accessed.
In the biometric template protection, a plurality of security requirements are requested. One of the security requirements is diversity. The diversity is characteristics that a converted template cannot be cross-matched between a plurality of databases. In other words, the diversity means that converted templates of the same biometric information, which are stored in a plurality of databases respectively, have no commonality.
A template protection method of a so-called key binding method is known as one of the biometric template protection technique. The key binding method is a method in which a template indicating biometric information and auxiliary information generated from a user-unique key are stored in a database and the user-unique key is extracted if matching biometric information is sufficiently close to the template when matching is performed. In the key binding method, matching can be performed without registering the template itself that indicates the biometric information in the database.
Typical examples of a scheme that realizes the key binding method include fuzzy commitment and fuzzy vault which use a technique of error correcting code. It is known that the fuzzy commitment is a method that uses exclusive-OR of quantized biometric information and random information. It is known that the fuzzy vault conceals optional secret information by using a pair of pieces of information prepared in advance as a key. It is known that, in the key binding method by the fuzzy commitment or the fuzzy vault, the auxiliary information generated from a template and a user-unique key for the same biometric information includes a common portion (for example, see Non-Patent Documents 1 to 3).
Non-Patent Document 1: A. K. Jain, K. Nandakumar, and A. Nagar, “Biometric template security (review article)”, EURASIP Journal on Advances in Signal Processing, pp. 1-17, 2008
Non-Patent Document 2: A. Juels and M. Wattenberg, “A fuzzy commitment scheme”, in Proceedings of 6th ACM Conference on Computer and Communications Security (ACMCCS '99), pp. 28-36, 1999
Non-Patent Document 3: A. Juels and M. Sudan, “A fuzzy vault scheme”, in Proceedings of the IEEE International Symposium on Information Theory, p. 408, 2002.
However, the schemes that realize the related key binding method have a problem that the schemes cannot satisfy the diversity that is one of the security requirements of the biometric template protection. In other words, in the key binding method by the fuzzy commitment or the fuzzy vault, the auxiliary information generated from a template and a user-unique key for the same biometric information includes a common portion, so that cross-matching can be done between a plurality of databases. That is, such a key binding scheme does not satisfy the diversity.
The above problem occurs not only in the matching of biometric information, but also in collation of numerical information such as positional information and confidential information.